Skip to content

Commit

Permalink
Detects invalid encodings of bls12381 elements.
Browse files Browse the repository at this point in the history
  • Loading branch information
armfazh committed Jun 10, 2024
1 parent d556030 commit 5c44dde
Show file tree
Hide file tree
Showing 3 changed files with 49 additions and 19 deletions.
56 changes: 37 additions & 19 deletions ecc/bls12381/doc.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,23 +32,41 @@
// is the lexicographically largest of the two associated with the encoded
// x-coordinate.
//
// |----------------------------------------------------|
// | Serialization Format |
// |-----|-------|-------|---------------|--------------|
// | MSB | MSB-1 | MSB-2 | Description | Encoding |
// |-----|-------|-------|---------------|--------------|
// | 0 | X | X | Uncompressed | e || x || y |
// | 1 | X | X | Compressed | e || x |
// |-----|-------|-------|---------------|--------------|
// | X | 0 | X | Non-Infinity | e || x || y |
// | X | 1 | X | Infinity | e || 0 || 0 |
// |-----|-------|-------|---------------|--------------|
// | | | | Compressed, | |
// | 1 | 0 | 1 | Non-Infinity, | e || x |
// | | | | Big y-coord | |
// |-----|-------|-------|---------------|--------------|
// | | | | Compressed, | |
// | 1 | 0 | 0 | Non-Infinity, | e || x |
// | | | | Small y-coord | |
// |----------------------------------------------------|
// |------------------------------------------------------|
// | Serialization Format |
// |-----|-------|-------|-----------------|--------------|
// | MSB | MSB-1 | MSB-2 | Description | Encoding |
// |-----|-------|-------|-----------------|--------------|
// | | | | Non-compressed, | |
// | 0 | 0 | 0 | Non-Infinity, | e || x || y |
// | | | | Zero. | |
// |-----|-------|-------|-----------------|--------------|
// | | | | Non-compressed, | |
// | 0 | 0 | 1 | Non-Infinity, | Invalid |
// | | | | One. | |
// |-----|-------|-------|-----------------|--------------|
// | | | | Non-compressed, | |
// | 0 | 1 | 0 | Infinity, | e || 0 || 0 |
// | | | | Zero. | |
// |-----|-------|-------|-----------------|--------------|
// | | | | Non-compressed, | |
// | 0 | 1 | 1 | Infinity, | Invalid |
// | | | | One. | |
// |-----|-------|-------|-----------------|--------------|
// | | | | Compressed, | |
// | 1 | 0 | 0 | Non-Infinity, | e || x |
// | | | | Small y-coord | |
// |-----|-------|-------|-----------------|--------------|
// | | | | Compressed, | |
// | 1 | 0 | 1 | Non-Infinity, | e || x |
// | | | | Big y-coord | |
// |-----|-------|-------|-----------------|--------------|
// | | | | Compressed, | |
// | 1 | 1 | 0 | Infinity, | e || 0 |
// | | | | Zero. | |
// |-----|-------|-------|-----------------|--------------|
// | | | | Compressed, | |
// | 1 | 1 | 1 | Infinity, | Invalid |
// | | | | One. | |
// |------------------------------------------------------|
package bls12381
6 changes: 6 additions & 0 deletions ecc/bls12381/g1.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,12 @@ func (g *G1) SetBytes(b []byte) error {
return errInputLength
}

// Check for invalid prefixes
switch b[0] & 0xE0 {
case 0x20, 0x60, 0xE0:
return errEncoding
}

isCompressed := int((b[0] >> 7) & 0x1)
isInfinity := int((b[0] >> 6) & 0x1)
isBigYCoord := int((b[0] >> 5) & 0x1)
Expand Down
6 changes: 6 additions & 0 deletions ecc/bls12381/g2.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,12 @@ func (g *G2) SetBytes(b []byte) error {
return errInputLength
}

// Check for invalid prefixes
switch b[0] & 0xE0 {
case 0x20, 0x60, 0xE0:
return errEncoding
}

isCompressed := int((b[0] >> 7) & 0x1)
isInfinity := int((b[0] >> 6) & 0x1)
isBigYCoord := int((b[0] >> 5) & 0x1)
Expand Down

0 comments on commit 5c44dde

Please sign in to comment.